This is a bug. Would you please post your bug report email on
googlecode? I will fix it asap.
On Jan 18, 12:23 pm, Nathan VanHoudnos <nathan...@gmail.com> wrote:
> Hi,
>
> A minimal example:
> likertRightAnswer = ['Yes', 'No', 'Impossible to tell']
>
> form = SQLFORM.factory(
> Field('rightAnswer',
> widget=horizontal_radios,
> requires=IS_IN_SET(likertRightAnswer,
> error_message=T('Please choose a
> response.'))),
> hidden={'timestart':request.now.strftime('%Y-%m-%d %H:%M:%S')}
> )
>
> In this case, BEAUTIFY(request.post_vars) will include, timestart and
> rightAnswer, but BEAUTIFY(form.vars) will only include rightAnswer.
>
> If we instead setup the appropriate db as db.ratings, and then do:
> likertRightAnswer = ['Yes', 'No', 'Impossible to tell']
>
> form = SQLFORM(db.ratings,
> hidden={'timestart':request.now.strftime('%Y-%m-%d %H:%M:%S')}
> )
>
> In this case, both BEAUTIFY(request.post_vars) and BEAUTIFY(form.vars) will
> both include timestart and rightAnswer.
>
> The second behavior is "more expected" at least to me.
>
> Right now, I'm using request.post_vars.timestart to access the value after
> the form.accepts call, but this feels like I'm hacking something together.
>
> And it essentially circumvents the security feature discussed in this
> thread:
>
> http://groups.google.com/group/web2py/browse_thread/thread/ab21d9d216...
>
> So is this a bug? Or should I be doing something different? (My application
> creates a bunch of little temporary forms and I don't want to bloat
> the data-store with them.)
>
> Cheers,
> --
> Nathan VanHoudnos
> |- Statistics & Public Policy PhD student
> |- Program for Interdisciplinary Education Research (PIER) Fellowship
> |- Carnegie Mellon University
> |-http://www.andrew.cmu.edu/user/nmv
>
> "Neglect of mathematics works injury to all knowledge,
> since he who is ignorant of it cannot know the other
> sciences or the things of this world." -- Roger Bacon
